Caveon Security Audit (View PDF)

You’ve invested a significant amount of time and money to develop your testing program. Wouldn’t you like to make sure it’s secure?

A Caveon Security Audit gives you an in-depth evaluation of your program’s security. You gain confidence knowing where your strengths lie. And just imagine being able to present these results to your boss, with a detailed report listing those security strengths and specifying how to make needed improvements.

What’s at Stake?
Test compromise is disastrous to a reputable testing program. When a test has been breached, you must address the issue or lose credibility, not to mention your significant monetary investment. Ignoring security breaches only worsens the problem by rewarding cheaters with apparently legitimate test results.

The bottom line is that you need to know if your testing program is secure or whether it is vulnerable to cheating or piracy. Only then can you decide if the benefits of mitigating risk outweigh the expense of implementing tighter security measures.

Get the Answer with a Caveon Security Audit
A Caveon Security Audit, the foundation of Caveon’s Detection services, is a comprehensive, end-to-end examination of your testing program. It shows you exactly what your security strengths are and reveals its current or potential vulnerabilities.

This gives you an objective view and clear understanding of potential security problems, which can occur in any phase of test management, so you know what to watch out for and have the power to keep your program secure.

What Does the Security Audit Entail?
Caveon Security Directors, top people in the testing industry, conduct an on-site visit to interview you and others—such as development managers, psychometricians, technical managers, or testing vendors—at the managerial level of the testing program.

The Security Directors ask a number of detailed questions in several topic areas to collect data about the program’s security measures. They compare those measures against industry best practices to evaluate your program’s status and identify potential security problems.

An initial audit question is, “Does the test program have a security plan in place?” If so, detailed questions will determine whether it is comprehensive enough. Another topic addresses legal precautions and agreements. (You have to make sure, for example, that everyone involved in your testing program—from a third-party subject-matter expert to the test proctor—has signed nondisclosure and other legally binding documents.) Some other topics include test-development practices, validation of scores, transmission of test information, Web monitoring for unauthorized disclosure of test data, and your security-breach action plan.

Shortly after this thorough audit you’ll receive a comprehensive report with a list of recommendations and an audit summary. The recommendations and audit summary provide a thorough review of your program’s existing security measures. The report also rates the priority level of the recommendations so you see clearly which measures to implement first. You’ll also receive an abbreviated version of the report in Microsoft PowerPoint, which you can use to brief upper management on your program’s security status.

When Caveon Security Directors identify potential or real exposure, they can help you select additional Caveon services to locate and detect cheating—because if you don’t find and stop cheating and exam piracy now, you can’t hope to prevent recurrences.

The first step is to find out how secure your program is. And that’s exactly what the Caveon Security Audit tells you.

Send this page to a friend.